CVE-2018-16793

Published Sep 21, 2018

Last updated 6 years ago

CVSS high 8.6

Overview

Description: Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-918

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83FFE534-130A-4A32-BB59-7FAABAF73BCE"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1086BF1-F02A-4C5B-B88F-D00D8B056635"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "980B60DA-905A-4779-8343-5F4AA5D201E9"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DB02CFC-9A25-44F2-8A66-7C643AB43912"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF7C732B-C661-4293-AB6D-5D2FF84B68D8"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup14:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F59246E-E4BD-4674-9F9E-5BCB75BEC74E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62D53184-47CF-47C9-8B7E-FFD0191155E5"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "886E592B-2C1F-427B-8755-FAEF5DDB4EA8"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "410EF0A5-D643-4A69-9EB0-1800C7D05399"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup18:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98CF1BA9-369F-4E9D-B2E1-EA58C36E31C6"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9881F6A7-5309-4316-9582-05241F46AE88"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2A3DB0B-8A7E-4C26-A3E4-E842F1FB1B8A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6029A711-FA91-4499-A31C-85D0B38AAD03"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3B92914-8DD0-4E01-9B12-C3EBD5117FD8"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E40E301E-EEE1-441F-A3BA-982F1AA6EFD9"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B169D86-EB4B-40FE-AF6F-E83B9117E9CA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FDE1DFE-0147-421F-A8F8-B4D53C50A60D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4A5F683-CF95-4427-A837-FAAC4981C43D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References